❌

Reading view

SEC Consult SA-20260615-1 :: Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260615-1 >
=======================================================================
title: Multiple Vulnerabilities
Β  Β  Β  Β  Β  product: Wertheim SafeController Hardware for VAULT ROOMS
(Safe Deposit Locker System – Microcontroller)
vulnerable version: Controller 65000 - AssemblyVersion 6.11.8130.22319
Β  Β  Β  Β  Β  Β  Β  Β  Β  Β  Controller...
  •  

SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260615-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: Wertheim SafeController Software for VAULT ROOMS
(Safe Deposit Locker System)
vulnerable version: AssemblyVersion 6.15.8328.28014
fixed version: No information provided by vendor
CVE number:...
  •  

SEC Consult SA-20260610-0 :: Local Privilege Escalation in Slate Digital Connect (macOS)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260610-0 >
=======================================================================
title: Local Privilege Escalation
product: Slate Digital Connect (macOS)
Β vulnerable version: 1.37.0
fixed version: -
CVE number: CVE-2026-24066, CVE-2026-24067
Β  Β  Β  Β  Β  Β  Β impact: high
homepage:...
  •  

SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio - Waves Central

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260609-0 >
=======================================================================
title: Multiple Local Privilege Escalation Vulnerabilities
product: Waves Audio - Waves Central
vulnerable version: v13.0.8 - v16.6.0
Β  Β  Β  fixed version: v16.6.2
Β  Β  Β  Β  Β CVE number: CVE-2026-24064, CVE-2026-24065
Β  Β  Β  Β  Β  Β  Β impact: high...
  •  

[KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability

Posted by Egidio Romano on Jun 15

-----------------------------------------------------------------------
Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability
-----------------------------------------------------------------------

[-] Software Link:

https://www.discuz.vip

[-] Affected Versions:

Version X5.0, releases 20260320 through 20260610.
Older X3.4 and X3.5 releases may be affected too.

[-] Vulnerability Description:

A Local File Inclusion (LFI)...
  •  

[KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability

Posted by Egidio Romano on Jun 15

------------------------------------------------------
Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability
------------------------------------------------------

[-] Software Link:

https://www.discuz.vip

[-] Affected Versions:

Version X5.0, releases 20260320 through 20260610.
Older X3.4 and X3.5 releases may be affected too.

[-] Vulnerability Description:

A security weakness in the CAPTCHA implementation of Discuz! allows
automated...
  •  

[KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability

Posted by Egidio Romano on Jun 15

-------------------------------------------------------------
Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability
-------------------------------------------------------------

[-] Software Link:

https://www.discuz.vip

[-] Affected Versions:

Version X5.0, releases 20260320 through 20260501.

[-] Vulnerability Description:

The vulnerable code is located within the /config/config_ucenter.php
configuration file:...
  •  

SEC Consult SA-20260608-0 :: Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 08

SEC Consult Vulnerability Lab Security Advisory < 20260608-0 >
=======================================================================
title: Privilege Escalation via Binary Planting
Β  Β  Β  Β  Β  Β  product: Genetec-provided RabbitMQ in multiple Genetec products
vulnerable version: Multiple products, see below.
Β  Β  Β  fixed version: Multiple products, see below.
CVE number: CVE-2026-25112
Β  Β  Β  Β  Β  Β ...
  •  

[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping

Posted by Moritz Bechler via Fulldisclosure on Jun 08

Advisory ID: SYSS-2026-004
Product: SAP NetWeaver ABAP / SAP_BASIS
Manufacturer: SAP SE
Affected Version(s): SAP_BASIS 700 - 918
Tested Version(s): 7.93 Patch 300
Vulnerability Type: CWE-347: Improper Verification of Cryptographic Signature
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2025-11-06
Solution Date: 2026-02-10...
  •  
❌